nginx-0.8.50
Igor Sysoev
igor at sysoev.ru
Thu Sep 2 19:52:26 MSD 2010
On Thu, Sep 02, 2010 at 06:31:32PM +0300, Reinis Rozitis wrote:
> > Changes with nginx 0.8.50 02 Sep
> > 2010
> >
> > *) Feature: the "secure_link", "secure_link_md5", and
> > "secure_link_expires" directives of the ngx_http_secure_link_module.
>
> As already in the russian list ppl asked - could you explain the directives
> (some wiki/doc update) or even quick config example.
These directive add a new mode of the module operation.
Here is configuration example:
location /p/ {
location ~ ^/p/(?<secure>[\w\-=]+,\d+)(?<file>/.+)$ {
secure_link $secure;
secure_link_md5 $secure_link_expires.$file.PASSWORD;
secure_link_expires on;
if ($secure_link = "") {
return 403;
}
if ($secure_link == 0) {
return 410;
}
alias /path/to$file;
}
return 404;
error_page 403 /forbidden.html;
error_page 404 /not_found.html;
error_page 410 =403 /link_expired.html;
}
The "secure_link" directive specifies how to get hash and optional
expiration time. The hash is md5 hash encoded in base64 for URIs
(i.e., where "+" and "/" are changed to "-" and "_"). The optional time
goes after ",".
You can set hash in a URI, in a query string ($arg_secure), or in a cookie
($cookie_secure).
The "secure_link_expires" directive specifies should the module test
the expiration time. You may add the time in URI, etc., but may not test it.
The $secure_link_expires variable has the time value exctracted by
"secure_link" directive.
The "secure_link_md5" directive specifies string for md5 hash.
The $secure_link variable has the following values:
"" - no valid link
"0" - expired link
"1" - valid link
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list